Hardware design and verification The hardware design and hardware verification need to be done independently. The hardware designer works to ensure the design of the hardware will meet the defined requirements. Meanwhile, the verification engineer will generate a verification plan which will allow for testing the hardware to verify that it meets all of its derived requirements.
Planning process The planning process is the first step where the design authority (the company who develops the H/W and implements the
COTS into its design) declares its approach towards the certification. At this point the PHAC (Plan for H/W Aspects of Certification) is presented to the authorities (EASA, FAA...). In this plan, the developer presents its approach and how DO-254/ED-80 is implemented. The PHAC is submitted as part of the authorities 1st stage of involvement (SOI#1). It is important to note that: • EASA wrote a certification memoranda to require the use of DO-254 for all complex electronics within a system, stating that all equipment and CBA with a Design assurance classification of A, B, C or D should meet level D objectives for the equipment and CBA, regardless of the DAL of the system or aircraft function. • FAA wrote a Final Report for System-Level Assurance of Airborne Electronic stating that CBA do not reach a level of complexity that would require such a structured development process to be fully deployed; a verification testing approach is deemed sufficient to providing assurance. For a generic DO-254 based process, a job aid is provided including the Stages of Involvement (SOIs) defined by FAA on the "Airborne Electronic Hardware Review Job Aid".
Hardware design processes • Requirements Capture • Conceptual Design • Detailed Design • Implementation • Verification • Transfer to production
Validation and verification process The
hardware requirement validation process provides assurance that the hardware item derived requirements are correct and complete with respect to system requirements allocated to the hardware item. Validation of hardware requirements allocated from system requirements is a
system process, rather than a hardware process. As such, hardware requirements that are derived by hardware processes should be identified to system processes for validation against the system requirements. For the purposes of this document's processes, a requirement is complete when all the attributes that have been defined are necessary and that all the necessary attributes have been defined, and a requirement is correct when the requirement is defined without ambiguity and there are no errors in the defined attributes. The
verification process provides assurance that the hardware item implementation meets all of the hardware requirements, including derived requirements. Methods of verification include qualitative review, quantitative analysis, and functional testing. A widely used industry definition for the difference is: • Validation - designing the right system! • Verification - designing the system right!
Additional considerations •
Configuration Management Process • Process Assurance • Certification Liaison Process • Hardware Design Life Cycle Data • Use of Previously Developed Hardware • Commercial-Off-The Shelf (
COTS) Components Usage • Product Service Experience • Tool Assessment and Qualification • Appendix A. Modulation of Hardware Life Cycle Data Based on Hardware Design Assurance Level • Appendix B. Design Assurance Considerations for Level A and B Functions • Appendix C. Glossary of Terms • Appendix D. Acronyms
Important considerations • Section 1.6, Complexity Considerations, presents the definition for simple and complex hardware items. • Table 5–1, Typical ASIC/PLD Process Mapping, presents a process mapping very useful for practical application considering the scope of
AC 20-152. • Appendix B Design Assurance Considerations for Level A and B Functions - the longest chapter of the document - prepares the future of
embedded electronics, paving the way for advanced design and verification methods, well known to the outside world, but fairly new for the avionics industry.
Application to simple electronic hardware While simple electronic hardware (SEH) is within the scope of DO-254/ED-80, The Certification Authorities Software Team published the Position Paper CAST-30,
Simple Electronic Hardware and RTCA Document DO-254 and EUROCAE Document ED-80, to provide clarification to the guidance for simple electronic hardware. This clarification was amplified as FAA guidance in
FAA Order 8110.105. Essentially, for simple electronic hardware, the verification through “comprehensive combination of deterministic testing and analysis” that justifies the simple classification needs to be defined, performed, and recorded. However, the appropriate "rigor and thoroughness" of that verification depends on the hardware design assurance level. For Level A/B, test coverage analysis should confirm that all nodes and interconnections have been exercised (comparable to DO-178C structural coverage objectives), while for Level C it is only needed to demonstrate correct operation under all combinations and permutations of conditions applied only to the inputs of the device (black box), and Level D testing can be accomplished through indirect tests applied to the system that has the item installed. If certification as a simple electronic device is sought, minimal documentation still should be submitted. A Plan for Hardware Aspects of Certification (PHAC) should be submitted to communicate the justification and means of certification, and a Hardware Verification Plan should be submitted to communicate the rigor and methods of the deterministic testing and analysis. Hardware Accomplishment Summary should be submitted to show compliance to the PHAC, and a Hardware Configuration Index should be submitted to define the production baseline that is the subject of the Hardware Identification and Compliance Statement in the Hardware Accomplishment Summary. ==Resources==